The Department of Government Services manages the Cyber Security state purchase contract (SPC) and the eServices register. Both can be used to procure cyber security services.
The Cyber Security SPC is strongly recommended for purchasing the cyber security products and services listed below. eServices can be used for any other cyber procurement.
Cyber Security state purchase contract
The following products and services can be purchased through a panel of Cyber Security suppliers:
- endpoint protection
- vulnerability management
- application control
- third party risk management.
Find out more about this contract at Buying for Victoria.
eServices: Cyber security and associated services
The eServices register includes the following cyber security services.
Cyber security general consultation
- stakeholder mapping including needs and risks
- Victorian Protective Data Security Framework - implementation and assessment
- information asset discovery and classification including critical asset
- strategy, policies, procedures and guidelines
- strategy development
- configuration/security architecture assessment, design and implementation
Security audits
- risk assessments and audit
- threat and risk assessments
- IRAP assessments (note must have staff with Australian Signals Directorate accreditation)
Security testing
- social engineering testing including phishing testing
- Red team services
- disaster recovery testing
Technical security services
- anti-malware
- denial of service protection
Monitoring services
- Security Information and Event Management (SIEM) and anomaly detection
- Security Operation Centre (SOC)
- Hunt and CERT services
- threat intelligence
Security incident and Data breach management
- forensic analysis services
- incident management training and event simulation
- incident management procedures
- incident management services
Refer to the eServices register page for more information.
Updated